From: Brent Sims <brent@xxxxxxxxxxx>
Reply-To: cobalt-users@xxxxxxxxxxxxxxx
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-users] password protected directory
Date: Thu, 8 Jun 2000 00:47:33 -0600 (MDT)
On Wed, 7 Jun 2000, 4Arabs.Com so wrote:
} i'm having problems password protect a directory. could someone explain
} it to me step by step. thanks
On our RaQ2s this is supported by default in the
/ect/http/conf/access.conf file with the AllowOverride All option so
I'll assume the same holds true on your machine. If not, you'll have
to add it. AllowOverride All is kind of scary, if your machine has
AllowOverride None than I'd recomend using AllowOverride AuthConfig
but I suspect your machine is set up much the same as ours. Thus you
may as well jump right in.
The first step is to create a password file that a user can
authenticate by. This is done with the htpasswd command. The -c flag
is used to create a new password file. Thus you leave the -c out
when you are simply adding additional passwords to an existing
password file. Using htpasswd is pretty easy:
htpasswd -c /path/to/password/file
You're best off putting the password file in a directory
which is not web accessable. While the odds of someone cracking a
well crafted password are slim, when it comes to security every
little bit helps. Remember to leave the -c flag out if you enter
more than one password.
Next you need to create an .htaccess file, just fire up your
favorite editor (vi and pico on our machines) and save the following
four lines (changed to meet your setup) as .htaccess in the
directory you want to password protect:
AuthName "Keep Out"
AuthType Basic
AuthUserFile /path/to/password/file
require valid-user
That's it.
Peace be with you,
Brent
Brent Sims
WebOkay Internet Services
http://www.WebOkay.net
Brent@xxxxxxxxxxx
(719) 595-1427 (Voice/Fax)
_______________________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To Subscribe or Unsubscribe, please go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users